General

  • Target

    dis_defender.exe

  • Size

    12KB

  • MD5

    5e4319826d24eacce3ca0738885722f3

  • SHA1

    f028af3df311cb2d94511c8f05fa7f1efa5268b3

  • SHA256

    6c174114cc8159ea4a8614b5418fa6e6405c42c64675657f69b1ae1839dd0a70

  • SHA512

    f189de4fcc8e3b7ae689b06e8b881d977b15bfe69c6cc762800e3fa2cf929fe16beabee781730f5a1ec10bb61e416afb086332f71178dd9eccc6b87cd53bc0f2

  • SSDEEP

    384:oMsJTP+6OFyf/o0xPSzbbVxu2mnj1jPGUc5tuTpqKi3hC4:oMsJTP+6OFy3LhIbbxafc5tuTpqKYhJ

Score
10/10

Signatures

  • Contains code to disable Windows Defender (1 IoC)

    A .NET executable tasked with disabling Windows Defender capabilities such as realtime monitoring, blocking at first seen, etc.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • dis_defender.exe
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

